lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <071c5fcf-bd7d-40da-ad7c-c0edbe780671@gmail.com>
Date: Sat, 29 Nov 2025 07:46:40 +0100
From: Dirk Behme <dirk.behme@...il.com>
To: Atharv Dubey <atharvd440@...il.com>, arnd@...db.de,
 gregkh@...uxfoundation.org
Cc: ojeda@...nel.org, alex.gaynor@...il.com, boqun.feng@...il.com,
 gary@...yguo.net, bjorn3_gh@...tonmail.com, lossin@...nel.org,
 a.hindborg@...nel.org, aliceryhl@...gle.com, tmgross@...ch.edu,
 dakr@...nel.org, rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rust: miscdevice: use `pin_init::zeroed()` for C type
 initialization

On 28.11.25 17:23, Atharv Dubey wrote:
> Replace manual zero-initialization using
> `MaybeUninit::zeroed().assume_init()` with `pin_init::zeroed()`.
> The `pin_init` helper provides a safer and clearer API for
> zero-initializing C structs without requiring an `unsafe` block.
> 
> Link: https://github.com/Rust-for-Linux/linux/issues/1189
> Signed-off-by: Atharv Dubey <atharvd440@...il.com>
> ---
>  rust/kernel/miscdevice.rs | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/rust/kernel/miscdevice.rs b/rust/kernel/miscdevice.rs
> index d698cddcb4a5..e168e9da8f4a 100644
> --- a/rust/kernel/miscdevice.rs
> +++ b/rust/kernel/miscdevice.rs
> @@ -20,7 +20,7 @@
>      seq_file::SeqFile,
>      types::{ForeignOwnable, Opaque},
>  };
> -use core::{marker::PhantomData, mem::MaybeUninit, pin::Pin};
> +use core::{marker::PhantomData, pin::Pin};
>  
>  /// Options for creating a misc device.
>  #[derive(Copy, Clone)]
> @@ -33,7 +33,7 @@ impl MiscDeviceOptions {
>      /// Create a raw `struct miscdev` ready for registration.
>      pub const fn into_raw<T: MiscDevice>(self) -> bindings::miscdevice {
>          // SAFETY: All zeros is valid for this C type.
> -        let mut result: bindings::miscdevice = unsafe { MaybeUninit::zeroed().assume_init() };
> +        let mut result: bindings::miscdevice = pin_init::zeroed();

While getting rid of the `unsafe`what's about dropping the `SAFETY`
comment as well? As done by Benno in [1]?

Cheers

Dirk

[1]
https://lore.kernel.org/all/20250814093046.2071971-4-lossin@kernel.org/


>          result.minor = bindings::MISC_DYNAMIC_MINOR as ffi::c_int;
>          result.name = crate::str::as_char_ptr_in_const_context(self.name);
>          result.fops = MiscdeviceVTable::<T>::build();
> @@ -421,7 +421,7 @@ impl<T: MiscDevice> MiscdeviceVTable<T> {
>              None
>          },
>          // SAFETY: All zeros is a valid value for `bindings::file_operations`.
> -        ..unsafe { MaybeUninit::zeroed().assume_init() }
> +        ..pin_init::zeroed()
>      };
>  
>      const fn build() -> &'static bindings::file_operations {

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ